Community Grant Program History and Recipients

Community Grant Program History and Past Grant Recipients

2020 Application Statistics

2020 Applications
Applications 13
Organization Type 1 association, 7 corporations, 5 "other" orgs
Organization Region 2 Canada, 7 United States, 1 Caribbean, 3 outside ARIN region
Category (some projects identified multiple categories) 9 Internet technical improvements, 5 Registry processes and technology improvements, 5 Informational outreach, 3 Research
Total funding requested (USD) $305,965
Average funding requested (USD) $23,536
Projects selected to receive a grant 8
Total funding provided (USD) $60,000

2020 ARIN Community Grant Program Recipients

Project summaries provided by grant recipients.

Build-out of Internet Exchange Points in the Caribbean Region

Caribbean Network Operators Group
Weston, FL, USA
Grant amount: $12,500

The objective of the project is to develop nascent Internet Exchange Points (IXPs) in the Caribbean Region and help them become significant components of their countries’ domestic Internet infrastructure. In many cases across the Region, we have stakeholders who have agreed in principle to exchange domestic traffic at IXPs or have even taken the first step by establishing peering at a shared facility. However, the initiatives have not borne fruit in all cases, due to the absence of a wider enabling environment, ongoing access to expertise, and lack of the right equipment.

This multi-country, multi-year plan seeks to address the status quo by: (a) assisting with the bringing together of the technical community and other stakeholders, (b) providing access to persons with expertise and prior experience, (c) reviewing existing systems and structures with a view to recommending improvements, (d) providing needed equipment, (e) assisting with equipment installation, and (f) delivering training. We believe this specific injection of guidance, equipment and in-person collaboration, together with the ongoing support of the CaribNOG community, will be sufficient to catalyze a self-sustaining process at each IXP.

IPv6 Security, Applications, and Training for Enterprises

Industry Network Technology Council
Austin, TX, USA
Grant amount: $12,500

Enterprise IPv6 adoption has lagged. In 2019, INTC provided IPv6 training to enterprise technicians. In 2020, we propose an initial assessment of security and application conversion at large enterprises and to continue our training efforts. We hope this time to involve 5 – 10 enterprises. Additionally, we propose involving another Internet registry, APNIC, as lack of adoption of IPv6 at enterprises is a global problem. Security, application conversion and training were seen as problems in our survey of enterprises as they anticipate IPv6 migration. We will create:

An application inventory:

  • Common enterprise applications, middleware, code libraries, and other software
  • IPv6 support of the above
  • Methodology for doing an enterprise application assessment

A security inventory:

  • Common enterprise IPv4 security defense mechanisms and usage (IDS / IPS, ACLs, virus checkers, malware, etc.) categorized by topology and function (client, server, backbone network, cloud)
  • Potential new IPv6 attacks given the environment above
  • How to do IPv6 security defense given the above
  • Methodology for doing an enterprise security assessment
  • Initial assessment of enterprise security products and platforms

Training classes:

  • IPv6 Trace Reading 101
  • IPv6 Troubleshooting

Integrated IPv6 Research

Saatvik Research
Silver Springs, NV, USA
Grant amount: $10,000

This project endeavors to: 1. build a relational database of existing, standalone datasets from ARIN (expanding to all 5 registries), NIST, vyncke.org and business databases, 2. host the resulting relational database, 3. make the integrated relational database publicly available for IPv6 research.

The initial body of research from the relational database will define leading indicators of IPv6 adoption to complement the more common lagging indicator of traffic. Gaining an understanding of enterprise IPv6 adoption trends by analyzing the standard deviations from address acquisition through service enablement of web, DNS & email is critical for policy making bodies (government, non-profit and private) to estimate IPv6 adoption timelines as well as industry-specific adoption strategies and incentives.

CrypTech Project

CrypTech
Amsterdam, The Netherlands
Grant amount: $6,000

Working since 2014, the CrypTech Project has developed an open-source hardware cryptographic engine design to meet the needs of high assurance Internet infrastructure systems that use cryptography. Our open-source hardware designs are aimed to be of general use to the broad Internet community, covering needs such as securing email, web, DNSSEC, PKIs, etc. The project has produced a design and hardware boards that have been used in various experiments and tests, and now an external product. We are proud to say that the current design has been the subject of a positive external security evaluation. The CrypTech core team is now completing the next generation of designs thanks in part to previous funding from an ARIN Community Grant. We will be producing a board to verify the changes made to the previous design, validating the 10x performance improvement we’ve already achieved, and assessing what additional improvements will be possible in the new design.

Bringing Back Voice Peering: Operational Lessons for Reference Technical & Organisational Architectures

Canadian Voice Peering Project
Toronto, ON, Canada
Grant amount: $5,000

The Canadian Voice Peering Project is a not-for-profit, cooperative effort to establish a rich, secure mesh of direct, Internet-Protocol-based interconnection, using the SIP and ENUM protocols, for calls between Canadian telephone numbers – the voice version of a local Internet exchange. Surprisingly, such a voice exchange is not used widely today. However, that was not true in the past: in the 2000s, a number of voice peering projects got started, and lasted for a while, before disappearing. “Bringing Back Voice Peering” will uncover and publish the oral history of these peering projects, including what worked both organisationally and technically and what didn’t, resulting in a final report on operational lessons for a reference architecture for voice peering projects.

RPKI origin validation visibility for Check My DNS

OARC, Inc
Indianapolis, IN, USA
Grant Amount: $5,000

Check My DNS is a custom developed DNS nameserver that creates dynamic delegated subdomains to enable clients to query for never-seen-before resource records in order to support a general-purpose framework for testing DNS resolvers. In late 2019 our software engineer, Jerry Lundström, started to look into how an RPKI origin validation check for DNS resolver could be possible as he got inspired by RIPE NCC’s RPKI web tester. With the collaboration between OARC, RIPE NCC, NLnet Labs and NTT we got access to the same system running RIPE NCC’s RPKI web tester to run a proxy for Check My DNS so an RPKI origin validation check could be added. At that time, we did not have the resources to fully add this check to the web UI of Check My DNS so the check is only accessible via a command line tool. This project will aim towards adding visibility for the RPKI origin validation check on Check My DNS in a way that is as user-friendly as possible.

Virtual School of Internet Governance

Foundation for Building Sustainable Communities
Oshawa, ON, Canada
Grant amount: $5,000

The Virtual School of Internet Governance is a free MOOC (Massive Open Online Courseware) dedicated to the key pillars of Internet Governance. We are using MOODLE which provides the framework including student registration, online forums, Bluejean chats, student assignments, quizzes and more. The rich content focuses on the primary learning objectives as found in face to face schools of Internet Governance. Due to COVID 19, these schools are either halted or seriously postponed. Our online courseware provides an integrated taxonomy from the novice to the advanced student to learn the basics of Internet Governance.

RRDP support for rpki-client

rpki-client
Amsterdam, The Netherlands
Grant amount: $4,000

rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure (RPKI) for Relying Parties (RP) to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system and outputs Validated ROA Payloads in various configuration formats. rpki-client does not yet support the RRDP protocol for pulling data publication points via the RRDP protocol. Extending rpki-client to support RRDP will in the long term improve RPKI usability for both ARIN and rpki-client users as the use of RRDP reduces the reliance on ARIN’s rsync servers.

2019 Application Statistics

2019 Applications
Applications 23
Organization Type 3 associations, 10 corporations, 1 LLC, 9 "other" orgs
Organization Region 2 Canada, 16 United States, 0 Caribbean, 5 outside ARIN region
Category (some projects identified multiple categories) 11 Internet technical improvements, 3 Registry processes and technology improvements, 16 Informational outreach
Total funding requested (USD) $350,651
Average funding requested (USD) $15,246
Projects selected to receive a grant 4
Total funding provided (USD) $44,500

2019 ARIN Community Grant Program Recipients

Project summaries provided by grant recipients.

DNS Open-Source Tools Enhancement & Maintenance

DNS-OARC
Indianapolis, IN, USA
Grant amount: $7,500

Internet operations and infrastructure critically depend upon the DNS. While there are many vendor solutions available for implementing DNS service, the gathering, measurement, testing and debugging of DNS traffic, protocol features and vulnerabilities are no less critical a part of this. Part of DNS-OARC’s public benefit mission is to develop publicly available tools and services that support these capabilities, and these are widely used by the DNS and operator communities. Our open-source tools including; dsc (dns stats collector), dnsjit (captures and replays DNS), dnscap (network capture utility), dnsperf (performance testing), and drool (replays DNS), (and others). These need constant maintenance and improvements. The use of these open-source tools is free, and as a 501(c3) nonprofit, OARC seeks to fund development and hardware costs to support this public benefit work.



Many of these tools have been developed in-house over time by OARC and its contributors. Others have been developed externally, and either donated to OARC by the original owner, or in some cases OARC has taken custodianship for the community of DNS tools which have become ‘orphaned’ from their original developers.

IPv6 Training for Enterprises

Industry Network Technology Council
Fairfax, VA, USA
Grant amount: $20,000

Enterprise IPv6 adoption has lagged. One of the issues is that enterprise technicians don’t know how IPv6 works. The technicians want to get trained yet the management does not feel that they do not want to pay for such training because they do not see a business need for adoption.

This creates an unfortunate cycle where misinformation about the complexity of the IPv6 protocol and unreasonable fears about security and manageability combine with the perceived lack of urgent business needs to prevent adoption of IPv6.

We have a multi-pronged strategy. We can provide technical training on many of the core features of IPv6. We plan a series of webinars this year. We presented one such webinar last year which was attended by over 120 people from over 70 separate enterprises including outsourcing companies, “brick-and-mortar” Fortune 500 type enterprises, small independent software companies and others.



CrypTech Open Source Cryptography Project

CrypTech/Stichting NLnet
Amsterdam, The Netherlands
Grant amount: $10,000
Project Report

Working since 2014 the CrypTech project has developed an open-source hardware cryptographic engine design to meet the needs of high assurance Internet infrastructure systems that use cryptography. Our open-source hardware designs are aimed to be of general use to the broad Internet community, covering needs such as securing email, web, DNSSEC, PKIs, etc. The project has produced a design and hardware boards that have been used in various experiments and test, and now an external product. We are proud to say that the current design has been the subject of a positive external security evaluation. The CrypTech core team are now beginning the process of designing next generation designs and ARIN community funding can help enable this process.

Global NOG Alliance Admin Tool

Global NOG Alliance
Apeldoorn, The Netherlands
Grant amount: $7,000

The Global NOG Alliance (GNA) is a non-profit foundation which has been set up to help Network Operator Groups and technical communities all around the world. We help NOGs by providing logistical support for their events and membership administration, thereby freeing up NOG organizers to focus on their core functions of growing and improving knowledge and expertise in their communities.

Our initial services to NOGs include providing technical support and hosting their websites, mailing lists, mailboxes, call-for-papers and event management tools. Now, while there are many open source tools capable of providing piecemeal solutions, there is nothing readily available that does exactly what NOGs need to free them from their administrative burdens.

Our project therefore is to integrate existing open source solutions into a cohesive, easy-to-use system providing single-sign-on access to a wide range of useful event planning and membership administration tools. As open source advocates, we would also contribute to existing open source projects to improve their value for NOGs. Where existing tools do not exist or where integration between tools is not yet available we are looking to develop those parts, and of course release them as open source.